Manualshelf

HP-UX Directory Server 8.1 deployment guide

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
81828384858687888990
6.4 Using replication with other Directory Server features
Replication interacts with other Directory Server features to provide advanced replication features.
The following sections describe feature interactions to better design the replication strategy.
6.4.1 Replication and access control
The directory service stores ACIs as attributes of entries. This means that the ACI is replicated
together with other directory content. This is important because Directory Server evaluates ACIs
locally.
For more information about designing access control for the directory, see Chapter 8 “Designing
a secure directory”.
6.4.2 Replication and Directory Server plug-ins
Replication works with most of the plug-ins delivered with Directory Server. There are some
exceptions and limitations in the case of multi-master replication with the following plug-ins:
Attribute Uniqueness Plug-in
The Attribute Uniqueness Plug-in validate attribute values added to local entries to make
sure that all values are unique. However, this checking is done directly on the server, not
replicated from other suppliers. For example, Example Corp. requires that the mail attribute
be unique, but two users are added with the same mail attribute to two different supplier
servers at the same time. As long as there it no a naming conflict, then there is no replication
conflict, but the mail attribute is not unique.
Referential Integrity Plug-in
Referential integrity works with multi-master replication, provided that this plug-in is
enabled on only one supplier in the multi-master set. This ensures that referential integrity
updates occur on only one of the supplier servers and propagated to the others.
NOTE:
By default, these plug-ins are disabled, and they must be manually enabled.
6.4.3 Replication and database links
With chaining to distribute directory entries, the server containing the database link references
a remote server that contains the actual data. In this environment, the database link itself cannot
be replicated. However, the database that contains the actual data on the remote server can be
replicated.
Do not use the replication process as a backup for database links. Database links must be backed
up manually. For more information about chaining and entry distribution, see
Chapter 5 “Designing the directory topology”.
90 Designing the replication process